Splunk Releasing New App for Assessing Exchange Operations

Version 3.0 of the Splunk App for Microsoft Exchange will be released on April 15. It's been improved by integrating three capabilities, enabling the correlation of information from Exchange Active Directory, Windows application components and operating system data, according to Leena Joshi, senior director of solutions marketing at Splunk.

Those capabilities are surfaced in prebuilt dashboards and reports or custom reports can be created. The app also can report planning information, such as messaging volumes and e-mail use over time. It gets its data from Exchange Server as well as various infrastructure components, such as proxy servers and firewalls. The app works with Splunk Enterprise, which is the company's flagship platform product.

Splunk makes its own apps for Splunk Enterprise, but it also has a partner community supporting the product. All told, there are about 400 to 500 apps made for the Splunk Enterprise platform, according to Joshi.

"Splunk is a platform for machine data," she explained, in a phone call. "It's really data generated by the applications, operating system, machinery, RFID tags -- any type of text-based, semistructured, unstructured, polystructured data that is generated in a business. We can ingest any of this data and index it, analyze it and harvest it for a variety of different uses. The uses can range from security and compliance, to applications management, to IT operational use cases, to digital intelligence, and even recently to Internet-of-things types of use cases. Objectivity comes from the ability to index a lot of different kinds of data…but also from our powerful search language, which can help us parse through the data, apply a schema on the fly, generate visualizations, detect anomalies, find outliers and charge dashboards that provide the meaning to the data."

Splunk's main value proposition is in being agnostic to its data sources to provide an end-to-end operational picture for organizations, she added. The Exchange app can be used to assess system response times, check why mailboxes are responding slowly and even check if an account is under attack, she said. Splunk considers its solutions to be "complementary" to various management tools.

While Microsoft System Center Operations Manager can be good for assessing Exchange performance management, Splunk uses data from Exchange and additional message delivery components, including from both Windows and Linux, to provide an operations picture. The Splunk App for Exchange has been around for a couple of years and has been the company's most popular app, according to Joshi.

Splunk has been a company since 2004 and currently has 7,000 enterprise customers, Joshi said. Its other new offerings include Splunk Cloud for assessing cloud operations and Splunk Hadoop for big data projects. It doesn't yet offer a Splunk App for Office 365 but that's under consideration, she said. The company does have a Splunk App for SharePoint, but it's currently at the beta stage.

Splunk App for Exchange works with Exchange Server 2007, 2010 or 2013. The company offers a 60-day trial for free.